Accession Number:

AD1106541

Title:

Secure Boot Deficiencies. Volume 2 of 2

Descriptive Note:

Technical Report,01 Nov 2019,23 Jun 2020

Corporate Author:

Nteligen Columbia United States

Report Date:

2020-08-01

Pagination or Media Count:

42.0

Abstract:

This technical report captures the research effort into two deficiencies encountered while implementing Secure Boot technology. The first deficiency discovered is that OpROMs will fail to load on a system that has custom Secure Boot keys in its key variables and has removed all manufacturer keys from the key variables. The second deficiency is that Secure Boot fails to validate the digital signatures of certificates within the Secure Boot key variables in standard Public Key Infrastructure PKI certificate hierarchy operation. The technical details each deficiency clearly and expands the research methodology applied to each. With the insights gained from our research, we make informed findings and recommendations on how to mitigate each deficiency. Lastly, within this technical report, we present best practices on how to implement Secure Boot technology.

Subject Categories:

  • Computer Systems

Distribution Statement:

APPROVED FOR PUBLIC RELEASE